Topics
General News Antivirus Reviews Network Defense Spyware Anti-Spam Phishing Scams Virus Alerts

Featured Product
Antivirus for your email server! Virus & content check mail with 5 virus scanning engines. Free 30 day trial available! Download Free Trial

Security Forums
Desktop Security Malware Removal Help Spam Blocking Patches and Hotfixes Network Security Firewalls and Routers Intrusion Detection Web Proxies Antivirus Support Symantec McAfee Trend Micro Other Antivirus

Quick Resources
About Antisource Malware Threats Triangle Free Virus Scan Virus Map

Symantec Flaw actually Spreads Viruses

Wednesday, February 09, 2005
Author: Richard S. Westmoreland
Permalink: 20050210150447716

Virus Alerts

A vulnerability has been discovered in Symantec's Antivirus products. The unpatched antivirus allows the UPX Parsing Engine to be exploited to send a virus or install other trojan programs. UPX is a compressed executable format, which is scanned by DEC2EXE. Many email filtering solutions use Symantec for their virus scanner, allowing a potential worm to spread by the very means used to stop them.

Symantec had already begun removing the DEC2EXE engine from it's products. To see what versions are still vulnerable:

Symantec UPX Parsing Engine Heap Overflow - Affected and Unaffected Products

More information about this news can be found at:

Symantec flaw leaves opening for viruses

ISS X-Force made the discovery, so you can find their advisory at:

Symantec Antivirus Library Heap Overflow